Checkmarx CxSuite Enhanced With Static Source Code Provided By Security Innovations » read source
Security Innovation specializes in software security, an area where traditional “information security” and “business” consultants tend to struggle. The company has been analyzing software weaknesses and risk for almost a decade and are one of the first suppliers of software risk solutions to Fortune 500 firms. Security Innovation is an authority on software security and major provider of vulnerability assessment, education and software risk products and services to Fortune 500 companies.
Checkmarx was founded in 2006 with the intention of offering comprehensive applications for automated security code review. The company developed the concept of a query language-based solution for tracking technical and logical code vulnerabilities. Checkmarx’s technology is utilized by large companies as well as small and medium R&D organizations. By partnering with leading international application security experts, they target to offer complete fulfillment and customer success.
Security Innovation has announced today that it is offering the Checkmarx CxSuite components static source code analysis instruments as part of its comprehensive solution for software security. By incorporating the CxSuite with the company's products and services, Security Innovation can help organizations become more self-sufficient around tool utilization in all angles of software application design, development, and administration.
Security Innovation customers can now gain access to best-of-breed static analysis tools to uncover security weaknesses in code developed in-house or via development partners. Developers can utilize Checkmarx to study their source code for security vulnerabilities right from their desktops with seamless IDE integration or with the stand-alone CxDeveloper UI for a part of the price of competitive products. Organizations can concentrate the use of Checkmarx to ensure corporate security coding standards and guidelines, and CxAudit's CxQL custom query language permits users to drive the tool to near-zero false positives – an industry first.
Emmanuel Benzaquen CEO of Checkmarx Ltd. explained "We invented Checkmarx static source code security analysis software suite because the current products are not meeting the needs of today's development environments. Yesterday's static analysis tools are difficult to use, overpriced, and inaccurate. Checkmarx CxSuite was designed from the ground up to be incredibly accurate so that developers can focus on real problems. We are very pleased to be working with Security Innovation to further bring Checkmarx products to the market as they are a widely recognized authority on secure software development."
Vice President of Marketing at Security Innovation, Nick Allen added "Organizations of all sizes need guidance, training and tools to address the epidemic of poorly-written and insecure software. Security Innovation already offers secure software guidance and computer-based training to direct development and information security teams through all of the steps of defining, designing, coding, testing and deploying secure software applications,". He continued, "With the addition of Checkmarx world-class static source code analysis, we can offer an affordable, comprehensive single-vendor solution for companies that want to improve their software security position in all three critical areas of operation – people, process, and technology."
Checkmarx static analysis permits organizations to address the challenge of securing their code efficiently with seamless integration into development environments. Using pre-defined checklists for common security problems like regulatory compliance demands (OWASP, SANS, and PCI-DSS) makes it very easy for organizations to check their code in a logical and prioritized way. Checkmarx permits teams to execute automatic code reviews and identify, track, and fix technical and logical security faults at the source. CxDeveloper and CxAudit support security code analysis in both the Microsoft .NET and J2EE environments and support multiple languages beyond those two frameworks, such as C/C and a unique support for Salesforce APEX.